Is there a better, more “Standard” way to perform SQL queries in PHP without using a framework?

Question

For the longest time, I\'ve been using the following basic formatting for SQL queries within my PHP:

$sql = \"SELECT * FROM `user-data` WHERE `id` = \'\".$id.\"\         


        

Answer 1

PDO is a good, solid, secure solution that many frameworks build off of. If you're going to start from the bottom, PDO is a solid foundation.

Answer 2

Try:

$stat2 = <<<SQL
SELECT *  from YOUR.DET_TABLE
WHERE ID = ?
ORDER BY ID, EFF_DT
SQL;
  $d_cur = $conn->prepare($stat2);
  $status   = $d_cur->execute(array($selected));